Latest News
New cybersecurity threat discovered in the EA Games – Origin Platform

Nettitude discover a critical vulnerability that compromises the security of user devices.
Nettitude announced we have identified a vulnerability affecting the Electronic Arts Origin Windows client. This discovery is a major find for Nettitude as we strive to continually enhance and maintain the security of our clients and the digital world we live in.
“EA Origin is used by millions of gamers around the world” says Chris Oakley, VP of Technical Services for the Americas at Nettitude. “This vulnerability allows threat actors to deploy malware to e.g. compromise banking and payment data, deploy ransomware, and more.”
Nettitude have found that Electronic Arts Origin Windows client has a vulnerability in the way it handles one of its software libraries. It also runs with excessive service permissions.
This combination of flaws allows an attacker to exploit a machine running the Origin Windows client by moving locally from a low privilege user to a user with the highest privileges. Subsequently, an attacker could easily deploy malware locally and even move laterally to other machines in the network for wider compromise.
A full technical analysis for this vulnerability can be found here. That article explains how we identified and exploited the vulnerability. It also provides guidance to developers on avoiding the same class of vulnerability. The vulnerability was discovered by Tom Wilson (@uint_ptr).
Electronic Arts were receptive to our report and, following communications with us, have recently produced an effective patch. As of the latest version, this local privilege escalation vulnerability in Electronic Arts Origin Windows client has been fixed. This vulnerability has been assigned CVE-2020-27708.
-
Interviews4 days ago
Why crash has become big business for operators and suppliers
-
Latest News4 days ago
Veikkaus Enters into Long-term Partnership with Jokerit
-
Balkans5 days ago
Evoplay partners with Palms Bet to strengthen Bulgarian presence
-
Compliance Updates4 days ago
Lukashenko Says Gambling Establishments Should Introduce Moratorium on Gaming in Debt
-
Asia4 days ago
BETBY TRIUMPHS AT SiGMA ASIA MANILA, WINNING BEST ESPORTS PROVIDER AWARD
-
Interviews4 days ago
Bet Builder Q&A w/Abelson Sports’ CBO Jeevan Jeyaratnam
-
Latest News5 days ago
Altenar goes live in the Netherlands with Starcasino
-
Conferences in Europe4 days ago
WiseGaming ready to showcase agile platform at SBC Malta